PC virus removal, computer speed-up, and remote help via the neslape.cz service

Slow notebook


#1 Post by Polska Pasha »

Hello, the notebook is sluggish and startup is slow. Thank you.

RSIT log here:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Roman at 2016-11-26 18:42:33
Microsoft Windows 8.1
System drive C: has 642 GB (91%) free of 704 GB
Total RAM: 3987 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:42:37, on 26. 11. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Windows\SysWOW64\UMonit64.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Roman.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com/?pc=TEJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll
O4 - HKLM\..\Run: [TSVU] "c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun
O4 - Startup: Odeslat do OneNote.lnk = C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - (no file)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\Windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: DTS APO Service (dts_apo_service) - Unknown owner - C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Foxit Reader Service (FoxitReaderService) - Foxit Software Inc. - C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TEMPRO Service (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA eco Utility Service - Toshiba Corporation - C:\Program Files\Toshiba\Teco\TecoService.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11252 bytes

======Listing Processes======






wininit.exe
winlogon.exe

C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
C:\Windows\system32\CxAudMsg64.exe
C:\Windows\System32\svchost.exe -k utcsvc
dashost.exe {255c6bb1-15d6-4ab9-9e3e5c4fde4e2eb4}
"C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe"
"C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\Toshiba\Teco\TecoService.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
taskhostex.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\Explorer.EXE
C:\Windows\SysWOW64\UMonit64.exe
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Program Files\Toshiba\Teco\TecoResident.exe"
"C:\Program Files\Toshiba\Hotkey\TCrdMain_Win8.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe" /hide
"C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=54.0.2840.99 --handshake-handle=0x124
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PointerEvent<PointerEvent,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/ClientSideDetectionModel/Model0/DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/NonValidatingReloadOnNormalReload/Enabled2/OmniboxBundledExperimentV1/StandardR7/ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/SSLPost
Quantum/disabled/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Default/SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_28/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_08/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=5,15,16,17,20,34,51,60 --gpu-vendor-id=0x8086 --gpu-device-id=0x0156 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3308 --gpu-driver-date=9-16-2013 --mojo-application-channel-token=A1D9BEBC1C07A1985DF62702F3EB92A3 --mojo-platform-channel-handle=1292 --ignored=" --type=renderer " /prefetch:2
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe"
"C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe"
taskeng.exe {32808EAE-F6E2-4D04-8599-9AC8361CE134}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PointerEvent<PointerEvent,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutofillCreditCardSigninPromo/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*NonValidatingReloadOnNormalReload/Enabled2/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/
*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_28/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_08/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=9788AC5090EA1973C6874E5C8A3E8011 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --disable-accelerated-video-decode --mojo-application-channel-token=9788AC5090EA1973C6874E5C8A3E8011 --channel="4860.5.1577211345\1330752258" --mojo-platform-channel-handle=2288 /prefetch:1
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 576 580 588 65536 584
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-593b9c0d-b840-420f-a935-44c11beba26a -SystemEventPortName:HostProcess-315befbd-abee-44bf-8d20-be277a64177b -IoCancelEventPortName:HostProcess-81361503-2fb9-460f-a7ae-d3caedbd1c47 -NonStateChangingEventPortName:HostProcess-924837fe-dc90-4906-9511-2aec8ef03810 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:b9562cf9-ad77-4c65-99a2-cf2bc7e48f36 -DeviceGroupId:WudfDefaultDevicePool
"C:\Users\Roman\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\mtso404o.default

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.111.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.111.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
NPOFF12.DLL

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-02 205416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-24 790552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office15\URLREDIR.DLL [2012-10-02 877720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2012-10-02 2322576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-02 139368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-21 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-24 664848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2012-10-02 704664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2012-10-02 1720976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-21 186944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-09-23 391152]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2013-09-23 771056]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-09-23 769520]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2015-08-14 601944]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2014-04-10 1830616]
"TecoResident"=C:\Program Files\TOSHIBA\Teco\TecoResident.exe [2013-08-21 178016]
"TosWaitSrv"=C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2013-08-13 354144]
"TCrdMain"=C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2013-08-18 2556768]
"TSSSrv"=C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [2013-09-12 296520]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-02-19 7416088]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"TSVU"=c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [2013-07-23 516512]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-11-16 9080768]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-09-22 587288]

C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Odeslat do OneNote.lnk - C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-09-23 623104]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"PromptOnSecureDesktop"=0
"ConsentPromptBehaviorAdmin"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-11-26 18:42:33 ----D---- C:\rsit
2016-11-26 18:42:33 ----D---- C:\Program Files\trend micro
2016-11-26 18:32:39 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-11-26 16:36:33 ----A---- C:\Windows\SYSWOW64\msvcr120_clr0400.dll
2016-11-26 16:36:33 ----A---- C:\Windows\SYSWOW64\msvcp120_clr0400.dll
2016-11-26 16:36:33 ----A---- C:\Windows\system32\msvcr120_clr0400.dll
2016-11-26 16:36:33 ----A---- C:\Windows\system32\msvcp120_clr0400.dll
2016-11-26 16:21:05 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-11-26 16:21:05 ----A---- C:\Windows\system32\rpcrt4.dll
2016-11-26 16:20:54 ----A---- C:\Windows\system32\polstore.dll
2016-11-26 16:20:54 ----A---- C:\Windows\system32\gpsvc.dll
2016-11-26 16:20:54 ----A---- C:\Windows\system32\gpapi.dll
2016-11-26 16:20:53 ----A---- C:\Windows\SYSWOW64\polstore.dll
2016-11-26 16:20:53 ----A---- C:\Windows\SYSWOW64\gpapi.dll
2016-11-26 16:20:53 ----A---- C:\Windows\SYSWOW64\FwRemoteSvr.dll
2016-11-26 16:20:53 ----A---- C:\Windows\system32\IPSECSVC.DLL
2016-11-26 16:20:53 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2016-11-26 16:20:22 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2016-11-26 16:20:22 ----A---- C:\Windows\system32\StructuredQuery.dll
2016-11-26 16:20:22 ----A---- C:\Windows\system32\drivers\rasl2tp.sys
2016-11-26 16:19:42 ----A---- C:\Windows\system32\samsrv.dll
2016-11-26 16:19:41 ----A---- C:\Windows\SYSWOW64\samlib.dll
2016-11-26 16:19:41 ----A---- C:\Windows\system32\samlib.dll
2016-11-26 16:19:38 ----A---- C:\Windows\SYSWOW64\Windows.UI.dll
2016-11-26 16:19:38 ----A---- C:\Windows\SYSWOW64\mfmp4srcsnk.dll
2016-11-26 16:19:38 ----A---- C:\Windows\system32\Windows.UI.dll
2016-11-26 16:19:38 ----A---- C:\Windows\system32\mfmp4srcsnk.dll
2016-11-26 16:19:00 ----A---- C:\Windows\system32\VSSVC.exe
2016-11-26 16:18:59 ----A---- C:\Windows\SYSWOW64\ntprint.dll
2016-11-26 16:18:59 ----A---- C:\Windows\system32\ntprint.dll
2016-11-26 16:18:59 ----A---- C:\Windows\system32\inetpp.dll
2016-11-26 16:18:59 ----A---- C:\Windows\system32\drivers\srvnet.sys
2016-11-26 16:18:59 ----A---- C:\Windows\system32\drivers\srv2.sys
2016-11-26 16:18:59 ----A---- C:\Windows\system32\drivers\srv.sys
2016-11-26 16:18:31 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2016-11-26 16:18:31 ----A---- C:\Windows\system32\WindowsCodecs.dll
2016-11-26 16:18:30 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2016-11-26 16:18:30 ----A---- C:\Windows\system32\msxml3.dll
2016-11-26 16:18:22 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2016-11-26 16:18:22 ----A---- C:\Windows\system32\WsmSvc.dll
2016-11-26 16:18:21 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2016-11-26 16:18:21 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2016-11-26 16:18:21 ----A---- C:\Windows\SYSWOW64\WsmAgent.dll
2016-11-26 16:18:21 ----A---- C:\Windows\system32\WsmWmiPl.dll
2016-11-26 16:18:21 ----A---- C:\Windows\system32\WsmAuto.dll
2016-11-26 16:18:21 ----A---- C:\Windows\system32\WsmAgent.dll
2016-11-26 16:18:21 ----A---- C:\Windows\system32\drivers\IPMIDrv.sys
2016-11-26 16:17:56 ----A---- C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2016-11-26 16:17:51 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-11-26 16:17:51 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-11-26 16:17:50 ----A---- C:\Windows\SYSWOW64\usercpl.dll
2016-11-26 16:17:50 ----A---- C:\Windows\SYSWOW64\themecpl.dll
2016-11-26 16:17:50 ----A---- C:\Windows\SYSWOW64\stobject.dll
2016-11-26 16:17:50 ----A---- C:\Windows\SYSWOW64\SettingSyncHost.exe
2016-11-26 16:17:50 ----A---- C:\Windows\SYSWOW64\SettingSyncCore.dll
2016-11-26 16:17:50 ----A---- C:\Windows\SYSWOW64\SettingSync.dll
2016-11-26 16:17:50 ----A---- C:\Windows\SYSWOW64\hgcpl.dll
2016-11-26 16:17:50 ----A---- C:\Windows\SYSWOW64\AppxAllUserStore.dll
2016-11-26 16:17:50 ----A---- C:\Windows\system32\usercpl.dll
2016-11-26 16:17:50 ----A---- C:\Windows\system32\themecpl.dll
2016-11-26 16:17:50 ----A---- C:\Windows\system32\SystemSettingsAdminFlows.exe
2016-11-26 16:17:50 ----A---- C:\Windows\system32\stobject.dll
2016-11-26 16:17:50 ----A---- C:\Windows\system32\SettingSyncHost.exe
2016-11-26 16:17:50 ----A---- C:\Windows\system32\SettingSyncCore.dll
2016-11-26 16:17:50 ----A---- C:\Windows\system32\SettingSync.dll
2016-11-26 16:17:50 ----A---- C:\Windows\system32\SettingsHandlers.dll
2016-11-26 16:17:50 ----A---- C:\Windows\system32\SettingMonitor.dll
2016-11-26 16:17:50 ----A---- C:\Windows\system32\hgcpl.dll
2016-11-26 16:17:50 ----A---- C:\Windows\system32\AppXDeploymentExtensions.dll
2016-11-26 16:17:50 ----A---- C:\Windows\system32\AppxAllUserStore.dll
2016-11-26 16:17:49 ----A---- C:\Windows\SYSWOW64\SettingMonitor.dll
2016-11-26 16:17:49 ----A---- C:\Windows\system32\AppXDeploymentServer.dll
2016-11-26 16:17:41 ----A---- C:\Windows\system32\workfolderssvc.dll
2016-11-26 16:17:41 ----A---- C:\Windows\system32\WorkfoldersControl.dll
2016-11-26 16:16:32 ----A---- C:\Windows\system32\mtxoci.dll
2016-11-26 16:16:31 ----A---- C:\Windows\SYSWOW64\mtxoci.dll
2016-11-26 16:16:31 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2016-11-26 16:16:27 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-11-26 16:16:27 ----A---- C:\Windows\system32\schannel.dll
2016-11-26 16:16:26 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-11-26 16:16:26 ----A---- C:\Windows\system32\oleaut32.dll
2016-11-26 16:16:26 ----A---- C:\Windows\system32\drivers\disk.sys
2016-11-26 16:15:36 ----A---- C:\Windows\SYSWOW64\Windows.Data.Pdf.dll
2016-11-26 16:15:36 ----A---- C:\Windows\SYSWOW64\glcndFilter.dll
2016-11-26 16:15:36 ----A---- C:\Windows\system32\Windows.Data.Pdf.dll
2016-11-26 16:15:35 ----A---- C:\Windows\system32\glcndFilter.dll
2016-11-26 16:15:34 ----A---- C:\Windows\system32\drivers\vpci.sys
2016-11-26 16:15:06 ----A---- C:\Windows\SYSWOW64\storagewmi.dll
2016-11-26 16:15:06 ----A---- C:\Windows\system32\storagewmi.dll
2016-11-26 16:15:03 ----A---- C:\Windows\SYSWOW64\dsparse.dll
2016-11-26 16:15:03 ----A---- C:\Windows\system32\dsparse.dll
2016-11-26 16:15:01 ----A---- C:\Windows\SYSWOW64\dhcpsapi.dll
2016-11-26 16:15:01 ----A---- C:\Windows\system32\dhcpsapi.dll
2016-11-26 16:14:28 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2016-11-26 16:14:28 ----A---- C:\Windows\system32\nshwfp.dll
2016-11-26 16:14:28 ----A---- C:\Windows\system32\IKEEXT.DLL
2016-11-26 16:14:28 ----A---- C:\Windows\system32\dnsrslvr.dll
2016-11-26 16:14:28 ----A---- C:\Windows\system32\dnsapi.dll
2016-11-26 16:14:27 ----A---- C:\Windows\system32\vpnike.dll
2016-11-26 16:14:27 ----A---- C:\Windows\system32\rdpcorets.dll
2016-11-26 16:14:26 ----A---- C:\Windows\SYSWOW64\rasapi32.dll
2016-11-26 16:14:26 ----A---- C:\Windows\SYSWOW64\mprdim.dll
2016-11-26 16:14:26 ----A---- C:\Windows\SYSWOW64\mprddm.dll
2016-11-26 16:14:26 ----A---- C:\Windows\system32\rasmans.dll
2016-11-26 16:14:26 ----A---- C:\Windows\system32\rasapi32.dll
2016-11-26 16:14:26 ----A---- C:\Windows\system32\mprdim.dll
2016-11-26 16:14:26 ----A---- C:\Windows\system32\mprddm.dll
2016-11-26 16:14:26 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2016-11-26 16:14:25 ----A---- C:\Windows\SYSWOW64\dssenh.dll
2016-11-26 16:14:25 ----A---- C:\Windows\system32\wpdbusenum.dll
2016-11-26 16:14:25 ----A---- C:\Windows\system32\rdpudd.dll
2016-11-26 16:14:25 ----A---- C:\Windows\system32\rdpclip.exe
2016-11-26 16:14:25 ----A---- C:\Windows\system32\rasppp.dll
2016-11-26 16:14:25 ----A---- C:\Windows\system32\rasman.dll
2016-11-26 16:14:25 ----A---- C:\Windows\system32\rascustom.dll
2016-11-26 16:14:25 ----A---- C:\Windows\system32\dssenh.dll
2016-11-26 16:14:25 ----A---- C:\Windows\system32\drivers\agilevpn.sys
2016-11-26 16:14:24 ----A---- C:\Windows\SYSWOW64\iprtrmgr.dll
2016-11-26 16:14:24 ----A---- C:\Windows\system32\iprtrmgr.dll
2016-11-26 16:14:23 ----A---- C:\Windows\SYSWOW64\rasppp.dll
2016-11-26 16:14:23 ----A---- C:\Windows\SYSWOW64\rasman.dll
2016-11-26 16:13:38 ----A---- C:\Windows\SYSWOW64\shacct.dll
2016-11-26 16:13:38 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeui.exe
2016-11-26 16:13:38 ----A---- C:\Windows\system32\shacct.dll
2016-11-26 16:13:29 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2016-11-26 16:13:29 ----A---- C:\Windows\system32\iepeers.dll
2016-11-26 16:13:28 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-11-26 16:13:28 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-11-26 16:13:28 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-11-26 16:13:28 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-11-26 16:13:28 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-11-26 16:13:28 ----A---- C:\Windows\system32\ie4uinit.exe
2016-11-26 16:13:27 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-11-26 16:13:26 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-11-26 16:13:26 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-11-26 16:13:26 ----A---- C:\Windows\system32\urlmon.dll
2016-11-26 16:13:26 ----A---- C:\Windows\system32\iedkcs32.dll
2016-11-26 16:13:26 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-11-26 16:13:25 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-11-26 16:13:25 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-11-26 16:13:25 ----A---- C:\Windows\system32\vbscript.dll
2016-11-26 16:13:25 ----A---- C:\Windows\system32\msfeeds.dll
2016-11-26 16:13:24 ----A---- C:\Windows\system32\ieapfltr.dll
2016-11-26 16:13:23 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-11-26 16:13:23 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-11-26 16:13:23 ----A---- C:\Windows\system32\iertutil.dll
2016-11-26 16:13:22 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-11-26 16:13:22 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2016-11-26 16:13:22 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-11-26 16:13:22 ----A---- C:\Windows\system32\drivers\dfsc.sys
2016-11-26 16:13:22 ----A---- C:\Windows\system32\DafPrintProvider.dll
2016-11-26 16:13:21 ----A---- C:\Windows\system32\microsoft-windows-system-events.dll
2016-11-26 16:13:21 ----A---- C:\Windows\system32\jscript.dll
2016-11-26 16:13:20 ----A---- C:\Windows\system32\ieframe.dll
2016-11-26 16:13:20 ----A---- C:\Windows\system32\dxtrans.dll
2016-11-26 16:13:19 ----A---- C:\Windows\system32\webcheck.dll
2016-11-26 16:13:19 ----A---- C:\Windows\system32\jscript9.dll
2016-11-26 16:13:18 ----A---- C:\Windows\system32\ieui.dll
2016-11-26 16:13:17 ----A---- C:\Windows\system32\win32k.sys
2016-11-26 16:13:17 ----A---- C:\Windows\system32\inetcomm.dll
2016-11-26 16:13:16 ----A---- C:\Windows\system32\wininet.dll
2016-11-26 16:13:16 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-11-26 16:13:16 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-11-26 16:13:15 ----A---- C:\Windows\system32\mshtml.dll
2016-11-26 16:13:13 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2016-11-26 16:13:13 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2016-11-26 16:13:13 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-11-26 16:13:12 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-11-26 16:13:12 ----A---- C:\Windows\SYSWOW64\netlogon.dll
2016-11-26 16:13:12 ----A---- C:\Windows\system32\twinui.appcore.dll
2016-11-26 16:13:12 ----A---- C:\Windows\system32\MSVidCtl.dll
2016-11-26 16:13:11 ----A---- C:\Windows\system32\ole32.dll
2016-11-26 16:13:11 ----A---- C:\Windows\system32\msv1_0.dll
2016-11-26 16:13:11 ----A---- C:\Windows\system32\lsasrv.dll
2016-11-26 16:13:10 ----A---- C:\Windows\system32\netlogon.dll
2016-11-26 16:13:09 ----A---- C:\Windows\SYSWOW64\twinui.appcore.dll
2016-11-26 16:13:07 ----A---- C:\Windows\system32\wmp.dll
2016-11-26 16:13:06 ----A---- C:\Windows\SYSWOW64\wmp.dll
2016-11-26 16:13:05 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2016-11-26 16:13:05 ----A---- C:\Windows\system32\winresume.exe
2016-11-26 16:13:05 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-11-26 16:13:05 ----A---- C:\Windows\system32\bcryptprimitives.dll
2016-11-26 16:13:04 ----A---- C:\Windows\system32\winload.exe
2016-11-26 16:13:04 ----A---- C:\Windows\system32\drivers\cng.sys
2016-11-26 16:13:03 ----A---- C:\Windows\system32\drivers\vhdmp.sys
2016-11-26 16:13:01 ----A---- C:\Windows\SYSWOW64\esent.dll
2016-11-26 16:13:01 ----A---- C:\Windows\system32\esent.dll
2016-11-26 16:13:01 ----A---- C:\Windows\system32\diagtrack.dll
2016-11-26 16:13:00 ----A---- C:\Windows\system32\DWrite.dll
2016-11-26 16:12:58 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2016-11-26 16:12:58 ----A---- C:\Windows\system32\win32spl.dll
2016-11-26 16:12:58 ----A---- C:\Windows\system32\localspl.dll
2016-11-26 16:12:58 ----A---- C:\Windows\system32\FntCache.dll
2016-11-26 16:12:57 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2016-11-26 16:12:57 ----A---- C:\Windows\system32\Windows.Media.Streaming.dll
2016-11-26 16:12:57 ----A---- C:\Windows\system32\GdiPlus.dll
2016-11-26 16:12:57 ----A---- C:\Windows\system32\d3d11.dll
2016-11-26 16:12:57 ----A---- C:\Windows\system32\certcli.dll
2016-11-26 16:12:56 ----A---- C:\Windows\SYSWOW64\Windows.Media.Streaming.dll
2016-11-26 16:12:56 ----A---- C:\Windows\system32\puiobj.dll
2016-11-26 16:12:56 ----A---- C:\Windows\system32\mshtmled.dll
2016-11-26 16:12:55 ----A---- C:\Windows\SYSWOW64\puiobj.dll
2016-11-26 16:12:55 ----A---- C:\Windows\SYSWOW64\GdiPlus.dll
2016-11-26 16:12:55 ----A---- C:\Windows\system32\wbengine.exe
2016-11-26 16:12:55 ----A---- C:\Windows\system32\drivers\refs.sys
2016-11-26 16:12:54 ----A---- C:\Windows\SYSWOW64\SessEnv.dll
2016-11-26 16:12:54 ----A---- C:\Windows\SYSWOW64\msdtcprx.dll
2016-11-26 16:12:54 ----A---- C:\Windows\SYSWOW64\DafPrintProvider.dll
2016-11-26 16:12:54 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-11-26 16:12:54 ----A---- C:\Windows\system32\SessEnv.dll
2016-11-26 16:12:54 ----A---- C:\Windows\system32\ntshrui.dll
2016-11-26 16:12:54 ----A---- C:\Windows\system32\msdtcprx.dll
2016-11-26 16:12:54 ----A---- C:\Windows\system32\atmfd.dll
2016-11-26 16:12:53 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2016-11-26 16:12:53 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-11-26 16:12:53 ----A---- C:\Windows\system32\vmrdvcore.dll
2016-11-26 16:12:53 ----A---- C:\Windows\system32\msctf.dll
2016-11-26 16:12:53 ----A---- C:\Windows\system32\drivers\clfs.sys
2016-11-26 16:12:52 ----A---- C:\Windows\SYSWOW64\puiapi.dll
2016-11-26 16:12:52 ----A---- C:\Windows\system32\puiapi.dll
2016-11-26 16:12:52 ----A---- C:\Windows\system32\pdh.dll
2016-11-26 16:12:52 ----A---- C:\Windows\system32\mfsvr.dll
2016-11-26 16:12:52 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2016-11-26 16:12:51 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-11-26 16:12:51 ----A---- C:\Windows\SYSWOW64\msctf.dll
2016-11-26 16:12:51 ----A---- C:\Windows\system32\drivers\spaceport.sys
2016-11-26 16:12:50 ----A---- C:\Windows\SYSWOW64\pdh.dll
2016-11-26 16:12:50 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-11-26 16:12:50 ----A---- C:\Windows\system32\drivers\bowser.sys
2016-11-26 16:12:49 ----A---- C:\Windows\SYSWOW64\mfsvr.dll
2016-11-26 16:12:49 ----A---- C:\Windows\system32\drivers\parport.sys
2016-11-26 16:12:48 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2016-11-26 16:12:48 ----A---- C:\Windows\system32\wmploc.DLL
2016-11-26 16:12:46 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2016-11-26 16:12:45 ----A---- C:\Windows\SYSWOW64\adsmsext.dll
2016-11-26 16:12:45 ----A---- C:\Windows\system32\adsmsext.dll
2016-11-26 16:12:43 ----A---- C:\Windows\SYSWOW64\rastapi.dll
2016-11-26 16:12:43 ----A---- C:\Windows\system32\UIAnimation.dll
2016-11-26 16:12:43 ----A---- C:\Windows\system32\PlayToDevice.dll
2016-11-26 16:12:43 ----A---- C:\Windows\system32\iscsiexe.dll
2016-11-26 16:12:40 ----A---- C:\Windows\system32\drivers\tm.sys
2016-11-26 16:12:29 ----A---- C:\Windows\SYSWOW64\PlayToDevice.dll
2016-11-26 16:12:29 ----A---- C:\Windows\SYSWOW64\iscsiwmi.dll
2016-11-26 16:12:29 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-11-26 16:12:29 ----A---- C:\Windows\system32\rastapi.dll
2016-11-26 16:12:29 ----A---- C:\Windows\system32\offreg.dll
2016-11-26 16:12:29 ----A---- C:\Windows\system32\iscsiwmi.dll
2016-11-26 16:12:29 ----A---- C:\Windows\system32\drivers\vwifimp.sys
2016-11-26 16:12:29 ----A---- C:\Windows\system32\asycfilt.dll
2016-11-26 16:12:28 ----A---- C:\Windows\SYSWOW64\offreg.dll
2016-11-26 16:12:28 ----A---- C:\Windows\SYSWOW64\iscsidsc.dll
2016-11-26 16:12:28 ----A---- C:\Windows\SYSWOW64\input.dll
2016-11-26 16:12:28 ----A---- C:\Windows\system32\xolehlp.dll
2016-11-26 16:12:28 ----A---- C:\Windows\system32\iscsidsc.dll
2016-11-26 16:12:28 ----A---- C:\Windows\system32\input.dll
2016-11-26 16:12:28 ----A---- C:\Windows\system32\drivers\vwifibus.sys
2016-11-26 16:12:28 ----A---- C:\Windows\system32\drivers\serial.sys
2016-11-26 16:12:28 ----A---- C:\Windows\system32\dab.dll
2016-11-26 16:12:27 ----A---- C:\Windows\SYSWOW64\xolehlp.dll
2016-11-26 16:12:27 ----A---- C:\Windows\system32\drivers\serenum.sys
2016-11-26 16:12:26 ----A---- C:\Windows\system32\drivers\vwififlt.sys
2016-11-26 16:12:25 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-11-26 16:12:25 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-11-26 16:12:25 ----A---- C:\Windows\system32\atmlib.dll
2016-11-26 16:09:39 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2016-11-26 16:09:39 ----A---- C:\Windows\system32\d3d10level9.dll
2016-11-26 16:09:36 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-11-26 16:09:36 ----A---- C:\Windows\system32\sspicli.dll
2016-11-26 16:09:36 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-11-26 16:09:35 ----A---- C:\Windows\system32\drivers\volsnap.sys
2016-11-26 16:09:14 ----A---- C:\Windows\system32\poqexec.exe
2016-11-26 16:09:13 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2016-11-26 16:06:22 ----A---- C:\Windows\system32\ntdll.dll
2016-11-26 16:06:21 ----A---- C:\Windows\system32\csrsrv.dll
2016-11-26 16:05:38 ----A---- C:\Windows\system32\dpapisrv.dll
2016-11-26 16:04:44 ----A---- C:\Windows\system32\drivers\tcpip.sys
2016-11-26 16:04:41 ----A---- C:\Windows\SYSWOW64\IPHLPAPI.DLL
2016-11-26 16:04:41 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2016-11-26 16:04:09 ----A---- C:\Windows\system32\user32.dll
2016-11-26 16:04:08 ----A---- C:\Windows\SYSWOW64\user32.dll
2016-11-26 16:03:45 ----A---- C:\Windows\system32\wwanmm.dll
2016-11-26 16:03:45 ----A---- C:\Windows\system32\wwanconn.dll
2016-11-26 16:03:45 ----A---- C:\Windows\system32\pnidui.dll
2016-11-26 16:03:32 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-11-26 16:03:31 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-11-26 16:03:31 ----A---- C:\Windows\SYSWOW64\msi.dll
2016-11-26 16:03:31 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-11-26 16:03:30 ----A---- C:\Windows\system32\msi.dll
2016-11-26 16:03:30 ----A---- C:\Windows\system32\consent.exe
2016-11-26 16:03:30 ----A---- C:\Windows\system32\appinfo.dll
2016-11-26 16:03:29 ----A---- C:\Windows\system32\ncrypt.dll
2016-11-26 16:03:29 ----A---- C:\Windows\system32\KernelBase.dll
2016-11-26 16:03:27 ----A---- C:\Windows\system32\sppsvc.exe
2016-11-26 16:03:26 ----A---- C:\Windows\system32\Windows.UI.Xaml.dll
2016-11-26 16:03:11 ----A---- C:\Windows\SYSWOW64\Windows.UI.Xaml.dll
2016-11-26 16:03:08 ----A---- C:\Windows\system32\sppobjs.dll
2016-11-26 16:03:07 ----A---- C:\Windows\system32\wuaueng.dll
2016-11-26 16:03:07 ----A---- C:\Windows\system32\crypt32.dll
2016-11-26 16:03:06 ----A---- C:\Windows\system32\drivers\rdbss.sys
2016-11-26 16:03:05 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2016-11-26 16:03:05 ----A---- C:\Windows\system32\drivers\fvevol.sys
2016-11-26 16:03:05 ----A---- C:\Windows\system32\CertEnroll.dll
2016-11-26 16:03:04 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2016-11-26 16:03:04 ----A---- C:\Windows\system32\winhttp.dll
2016-11-26 16:03:04 ----A---- C:\Windows\system32\sppwinob.dll
2016-11-26 16:03:03 ----A---- C:\Windows\SYSWOW64\CertEnroll.dll
2016-11-26 16:03:03 ----A---- C:\Windows\system32\rpcss.dll
2016-11-26 16:03:02 ----A---- C:\Windows\system32\kerberos.dll
2016-11-26 16:03:02 ----A---- C:\Windows\system32\drivers\mup.sys
2016-11-26 16:02:57 ----A---- C:\Windows\system32\webio.dll
2016-11-26 16:02:57 ----A---- C:\Windows\system32\drivers\ndiswan.sys
2016-11-26 16:02:56 ----A---- C:\Windows\system32\wuapi.dll
2016-11-26 16:02:55 ----A---- C:\Windows\SYSWOW64\webio.dll
2016-11-26 16:02:55 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2016-11-26 16:02:55 ----A---- C:\Windows\system32\rdpcore.dll
2016-11-26 16:02:55 ----A---- C:\Windows\system32\MPSSVC.dll
2016-11-26 16:02:55 ----A---- C:\Windows\system32\iphlpsvc.dll
2016-11-26 16:02:54 ----A---- C:\Windows\SYSWOW64\ncryptsslp.dll
2016-11-26 16:02:54 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-11-26 16:02:54 ----A---- C:\Windows\system32\wucltux.dll
2016-11-26 16:02:54 ----A---- C:\Windows\system32\Windows.Devices.Geolocation.dll
2016-11-26 16:02:54 ----A---- C:\Windows\system32\tpmvsc.dll
2016-11-26 16:02:54 ----A---- C:\Windows\system32\drivers\storport.sys
2016-11-26 16:02:54 ----A---- C:\Windows\system32\drivers\hidclass.sys
2016-11-26 16:02:54 ----A---- C:\Windows\system32\certutil.exe
2016-11-26 16:02:53 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-11-26 16:02:53 ----A---- C:\Windows\system32\drivers\hidusb.sys
2016-11-26 16:02:53 ----A---- C:\Windows\system32\drivers\dumpfve.sys
2016-11-26 16:02:53 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2016-11-26 16:02:52 ----A---- C:\Windows\SYSWOW64\Windows.Devices.Geolocation.dll
2016-11-26 16:02:52 ----A---- C:\Windows\SYSWOW64\UserAccountBroker.exe
2016-11-26 16:02:52 ----A---- C:\Windows\SYSWOW64\LocationApi.dll
2016-11-26 16:02:52 ----A---- C:\Windows\SYSWOW64\cryptxml.dll
2016-11-26 16:02:52 ----A---- C:\Windows\system32\UserAccountBroker.exe
2016-11-26 16:02:52 ----A---- C:\Windows\system32\ncryptsslp.dll
2016-11-26 16:02:52 ----A---- C:\Windows\system32\msiexec.exe
2016-11-26 16:02:52 ----A---- C:\Windows\system32\LocationApi.dll
2016-11-26 16:02:52 ----A---- C:\Windows\system32\gpresult.exe
2016-11-26 16:02:52 ----A---- C:\Windows\system32\drivers\stornvme.sys
2016-11-26 16:02:52 ----A---- C:\Windows\system32\cryptxml.dll
2016-11-26 16:02:51 ----A---- C:\Windows\SYSWOW64\wfapigp.dll
2016-11-26 16:02:51 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2016-11-26 16:02:51 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2016-11-26 16:02:51 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2016-11-26 16:02:51 ----A---- C:\Windows\SYSWOW64\FirewallAPI.dll
2016-11-26 16:02:51 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2016-11-26 16:02:51 ----A---- C:\Windows\system32\wuauclt.exe
2016-11-26 16:02:51 ----A---- C:\Windows\system32\wfapigp.dll
2016-11-26 16:02:51 ----A---- C:\Windows\system32\WebClnt.dll
2016-11-26 16:02:51 ----A---- C:\Windows\system32\hbaapi.dll
2016-11-26 16:02:51 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2016-11-26 16:02:51 ----A---- C:\Windows\system32\fveapi.dll
2016-11-26 16:02:51 ----A---- C:\Windows\system32\FirewallAPI.dll
2016-11-26 16:02:51 ----A---- C:\Windows\system32\BFE.DLL
2016-11-26 16:02:51 ----A---- C:\Windows\system32\bdesvc.dll
2016-11-26 16:02:51 ----A---- C:\Windows\system32\BdeHdCfgLib.dll
2016-11-26 16:02:50 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-11-26 16:02:50 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-11-26 16:02:50 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-11-26 16:02:50 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2016-11-26 16:02:50 ----A---- C:\Windows\SYSWOW64\hbaapi.dll
2016-11-26 16:02:50 ----A---- C:\Windows\SYSWOW64\gpresult.exe
2016-11-26 16:02:50 ----A---- C:\Windows\SYSWOW64\certutil.exe
2016-11-26 16:02:50 ----A---- C:\Windows\SYSWOW64\certenc.dll
2016-11-26 16:02:50 ----A---- C:\Windows\system32\wuwebv.dll
2016-11-26 16:02:50 ----A---- C:\Windows\system32\wudriver.dll
2016-11-26 16:02:50 ----A---- C:\Windows\system32\wuapp.exe
2016-11-26 16:02:50 ----A---- C:\Windows\system32\httpprxp.dll
2016-11-26 16:02:50 ----A---- C:\Windows\system32\httpprxm.dll
2016-11-26 16:02:50 ----A---- C:\Windows\system32\fvecpl.dll
2016-11-26 16:02:50 ----A---- C:\Windows\system32\drivers\hidparse.sys
2016-11-26 16:02:50 ----A---- C:\Windows\system32\certenc.dll
2016-11-26 16:02:50 ----A---- C:\Windows\system32\adhsvc.dll
2016-11-26 16:01:49 ----A---- C:\Windows\system32\drivers\volmgr.sys
2016-11-26 16:01:48 ----A---- C:\Windows\SYSWOW64\twinui.dll
2016-11-26 16:01:47 ----A---- C:\Windows\system32\twinui.dll
2016-11-26 16:01:46 ----A---- C:\Windows\SYSWOW64\explorer.exe
2016-11-26 16:01:46 ----A---- C:\Windows\system32\shell32.dll
2016-11-26 16:01:46 ----A---- C:\Windows\explorer.exe
2016-11-26 16:01:45 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-11-26 16:01:30 ----A---- C:\Windows\SYSWOW64\RestoreOptIn.exe
2016-11-26 16:01:30 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-11-26 16:01:30 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2016-11-26 16:01:30 ----A---- C:\Windows\system32\RestoreOptIn.exe
2016-11-26 16:01:30 ----A---- C:\Windows\system32\authui.dll
2016-11-26 16:01:30 ----A---- C:\Windows\system32\actxprxy.dll
2016-11-26 16:01:20 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-11-26 16:01:20 ----A---- C:\Windows\system32\gdi32.dll
2016-11-26 16:01:20 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2016-11-26 16:00:55 ----A---- C:\Windows\system32\basesrv.dll
2016-11-26 16:00:50 ----A---- C:\Windows\SYSWOW64\ws2_32.dll
2016-11-26 16:00:50 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2016-11-26 16:00:50 ----A---- C:\Windows\system32\ws2_32.dll
2016-11-26 16:00:50 ----A---- C:\Windows\system32\mswsock.dll
2016-11-26 16:00:50 ----A---- C:\Windows\system32\drivers\netbt.sys
2016-11-26 12:37:02 ----D---- C:\ProgramData\Foxit Software
2016-11-26 12:36:58 ----D---- C:\ProgramData\Foxit ContentPlatform
2016-11-26 11:36:47 ----A---- C:\Windows\SYSWOW64\hlink.dll
2016-11-26 11:36:47 ----A---- C:\Windows\system32\hlink.dll
2016-11-26 11:36:19 ----A---- C:\Windows\system32\drivers\ntfs.sys
2016-11-26 11:35:18 ----A---- C:\Windows\system32\drivers\usbehci.sys
2016-11-26 11:35:14 ----A---- C:\Windows\SYSWOW64\mispace.dll
2016-11-26 11:35:14 ----A---- C:\Windows\system32\mispace.dll
2016-11-26 11:34:44 ----A---- C:\Windows\system32\rsaenh.dll
2016-11-26 11:34:43 ----A---- C:\Windows\SYSWOW64\rsaenh.dll
2016-11-26 11:33:51 ----A---- C:\Windows\SYSWOW64\wscapi.dll
2016-11-26 11:33:51 ----A---- C:\Windows\system32\wscsvc.dll
2016-11-26 11:33:51 ----A---- C:\Windows\system32\wscapi.dll
2016-11-26 11:33:24 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
2016-11-26 11:33:24 ----A---- C:\Windows\system32\comsvcs.dll
2016-11-26 11:33:22 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2016-11-26 11:33:22 ----A---- C:\Windows\system32\ucrtbase.dll
2016-11-26 11:33:22 ----A---- C:\Windows\system32\seclogon.dll
2016-11-26 11:33:05 ----A---- C:\Windows\system32\drivers\netio.sys
2016-11-26 11:33:03 ----A---- C:\Windows\SYSWOW64\WMASF.DLL
2016-11-26 11:33:03 ----A---- C:\Windows\system32\WMASF.DLL
2016-11-26 11:32:58 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2016-11-26 11:32:31 ----A---- C:\Windows\system32\winlogon.exe
2016-11-26 11:32:30 ----A---- C:\Windows\system32\msra.exe
2016-11-26 11:32:25 ----A---- C:\Windows\SYSWOW64\mfds.dll
2016-11-26 11:32:25 ----A---- C:\Windows\system32\mfds.dll

======List of files/folders modified in the last 1 month======

2016-11-26 18:42:33 ----RD---- C:\Program Files
2016-11-26 18:40:53 ----D---- C:\Windows\Temp
2016-11-26 18:38:42 ----D---- C:\Windows\Prefetch
2016-11-26 18:36:27 ----RAD---- C:\Windows\System32
2016-11-26 18:36:27 ----D---- C:\Windows\Inf
2016-11-26 18:36:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-11-26 18:33:59 ----D---- C:\Windows\system32\config
2016-11-26 18:33:28 ----D---- C:\Windows\SysWOW64
2016-11-26 18:32:51 ----D---- C:\Windows\Microsoft.NET
2016-11-26 18:32:46 ----D---- C:\Windows\WinSxS
2016-11-26 18:31:29 ----D---- C:\Windows\Logs
2016-11-26 18:30:01 ----AD---- C:\Windows
2016-11-26 18:23:06 ----D---- C:\Windows\system32\drivers
2016-11-26 18:23:06 ----D---- C:\Windows\apppatch
2016-11-26 18:22:59 ----D---- C:\Windows\SYSWOW64\wbem
2016-11-26 18:22:59 ----D---- C:\Windows\system32\wbem
2016-11-26 18:22:56 ----D---- C:\Windows\SYSWOW64\setup
2016-11-26 18:22:55 ----D---- C:\Windows\system32\setup
2016-11-26 18:22:51 ----RD---- C:\Windows\ToastData
2016-11-26 18:22:49 ----D---- C:\Windows\SYSWOW64\migration
2016-11-26 18:22:49 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-11-26 18:22:49 ----D---- C:\Program Files\Internet Explorer
2016-11-26 18:22:49 ----D---- C:\Program Files (x86)\Internet Explorer
2016-11-26 18:22:48 ----D---- C:\Windows\SYSWOW64\en-US
2016-11-26 18:22:46 ----D---- C:\Windows\system32\migration
2016-11-26 18:22:46 ----D---- C:\Windows\system32\cs-CZ
2016-11-26 18:22:46 ----D---- C:\Windows\system32\Boot
2016-11-26 18:22:40 ----D---- C:\Windows\system32\en-US
2016-11-26 18:22:37 ----D---- C:\Windows\system32\CodeIntegrity
2016-11-26 18:22:35 ----D---- C:\Windows\system32\drivers\en-US
2016-11-26 18:22:35 ----D---- C:\Windows\system32\drivers\cs-CZ
2016-11-26 18:22:34 ----D---- C:\Windows\ShellNew
2016-11-26 18:22:09 ----D---- C:\Windows\system32\DriverStore
2016-11-26 17:38:44 ----RSD---- C:\Windows\assembly
2016-11-26 17:29:30 ----D---- C:\Windows\CbsTemp
2016-11-26 17:02:13 ----D---- C:\Windows\system32\sru
2016-11-26 16:49:50 ----D---- C:\Windows\system32\MRT
2016-11-26 16:44:35 ----D---- C:\Windows\debug
2016-11-26 16:44:25 ----AC---- C:\Windows\system32\MRT.exe
2016-11-26 16:21:39 ----SHD---- C:\System Volume Information
2016-11-26 16:20:40 ----D---- C:\Windows\system32\catroot2
2016-11-26 12:37:02 ----HD---- C:\ProgramData
2016-11-26 12:34:15 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-11-26 12:29:02 ----SHD---- C:\Windows\Installer
2016-11-26 12:28:56 ----D---- C:\Program Files (x86)\TOSHIBA
2016-11-26 12:28:47 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-11-26 12:28:20 ----D---- C:\Program Files (x86)
2016-11-26 12:28:01 ----D---- C:\Program Files (x86)\TOSHIBA Games
2016-11-26 12:27:32 ----D---- C:\ProgramData\WildTangent
2016-11-26 12:27:30 ----D---- C:\Program Files (x86)\WildTangent Games
2016-11-26 12:23:53 ----D---- C:\Windows\Minidump
2016-11-25 19:59:14 ----D---- C:\Windows\AppReadiness
2016-11-25 19:59:13 ----HD---- C:\Program Files\WindowsApps
2016-11-23 10:00:41 ----RD---- C:\Program Files (x86)\Skype
2016-11-21 18:26:37 ----D---- C:\Windows\SoftwareDistribution
2016-11-21 17:07:22 ----D---- C:\ProgramData\Oracle
2016-11-21 17:07:06 ----D---- C:\Program Files (x86)\Java
2016-11-21 17:06:55 ----D---- C:\Program Files (x86)\Common Files
2016-11-21 17:06:34 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2016-11-21 17:02:34 ----D---- C:\Users\Roman\AppData\Roaming\BitTorrent

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-09-09 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-10-13 293352]
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2013-08-31 644968]
R0 tos_sps64;@oem21.inf,%SERVICE_DESC_amd64%;TOSHIBA tos_sps64 Service; C:\Windows\System32\drivers\tos_sps64.sys [2012-06-18 499096]
R0 TVALZ;@oem16.inf,%TVALZ.SvcDesc%;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\System32\drivers\TVALZ_O.SYS [2013-08-15 32832]
R0 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\System32\Drivers\TVALZFL.sys [2012-07-21 16768]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-09-09 37144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-09-09 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-09-13 969184]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-09-25 513632]
R1 dtsoftbus01;@oem30.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\Windows\System32\drivers\dtsoftbus01.sys [2016-08-09 254528]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2016-08-13 71680]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-09-09 108816]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-09-09 163416]
R3 athr;@oem22.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athwbx.sys [2013-10-24 3858944]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2013-10-01 594632]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 CnxtHdAudService;@oem9.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2013-07-18 1387712]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-09-23 4177920]
R3 IntcDAud;@oem4.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-09-23 449528]
R3 iwdbus;@oem7.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2013-08-22 26008]
R3 L1C;@oem17.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C63x64.sys [2013-07-18 130248]
R3 MEIx64;@oem3.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-03 99288]
R3 QIOMem;@oem1.inf,%SERVICE_DISPLAY_NAME%;Generic IO & Memory Access; C:\Windows\System32\drivers\QIOMem.sys [2013-08-06 14000]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-08-22 34544]
R3 SynTP;@oem24.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2014-08-06 528112]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2012-07-25 31184]
R3 Thotkey;@oem13.inf,%Thotkey%;Toshiba Hotkey Driver; C:\Windows\System32\drivers\Thotkey.sys [2013-08-19 32624]
R3 tosrfec;@oem23.inf,%busenum.SVCDESC%;Bluetooth ACPI; C:\Windows\System32\drivers\tosrfec.sys [2013-11-01 27032]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2016-08-13 38912]
S3 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-09-09 37656]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\Windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2015-07-10 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 dg_ssudbus;@oem38.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 dot4;@oem26.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem27.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\Windows\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
S3 dot4usb;@oem26.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 dtlitescsibus;@oem28.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\System32\drivers\dtlitescsibus.sys [2016-07-05 30264]
S3 dtliteusbbus;@oem29.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\Windows\System32\drivers\dtliteusbbus.sys [2016-07-05 47672]
S3 intaud_WaveExtensible;@oem6.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2015-07-20 50240]
S3 mfencrk;McAfee Inc. mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [2014-09-19 96600]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
S3 RTWlanE;@netrtwlane.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\Windows\system32\DRIVERS\rtwlane.sys [2013-07-31 1936088]
S3 ssudmdm;@oem39.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 ssudserd;@oem40.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudserd.sys [2014-01-22 206080]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-10-01 312448]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-09-09 197128]
R2 CxAudMsg;@C:\Windows\system32\CxAudMsg64.exe,-100; C:\Windows\system32\CxAudMsg64.exe [2015-02-05 225496]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 dts_apo_service;DTS APO Service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [2013-09-10 19792]
R2 FoxitReaderService;Foxit Reader Service; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [2016-11-15 1659592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-12 733696]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-09-03 131544]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-03 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-03 390616]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\Toshiba\Teco\TecoService.exe [2013-08-10 328544]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
R3 TMachInfo;TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2013-07-31 53864]
R3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2013-09-04 466504]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-09-20 324224]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-09-23 279024]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-22 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-12 822232]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-08-24 146888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-09 150600]
S3 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2016-08-05 183112]
S3 TemproMonitoringService;TEMPRO Service; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2013-07-19 116088]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118254
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow notebook

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. Likewise if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Polska Pasha
Exemplary visitor
Posts: 113
Registered: 29 Jun 2014 09:06

Re: Slow notebook

#3 Post by Polska Pasha »

# AdwCleaner v6.030 - Log soubor vytvořen 26/11/2016 na 19:22:34
# Aktualizováno dne 19/10/2016 z Malwarebytes
# Databáze : 2016-11-26.1 [Server]
# Operační systém : Windows 8.1 (X64)
# Uživatelské jméno : Roman - MANIAK
# Beží od : C:\Users\Roman\Desktop\adwcleaner_6.030.exe
# Mod: Čištění
# Podpora : hxxps://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Adresáře ] *****



***** [ Soubory ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupce ] *****



***** [ Plánovač úloh ] *****



***** [ Registry ] *****



***** [ Prohlížeče ] *****



*************************

:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [788 Bajtů] - [26/11/2016 19:22:34]
C:\AdwCleaner\AdwCleaner[S0].txt - [1384 Bajtů] - [26/11/2016 19:22:24]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [935 Bajtů] ##########

Rudy
Site Admin
Posts: 118254
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow notebook

#4 Post by Rudy »

This is OK. Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

:reg
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Turn off your antivirus before the scan and restart the PC after it. Post a new RSIT log.

Polska Pasha
Exemplary visitor
Posts: 113
Registered: 29 Jun 2014 09:06

Re: Slow notebook

#5 Post by Polska Pasha »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Roman at 2016-11-26 20:28:32
Microsoft Windows 8.1
System drive C: has 642 GB (91%) free of 704 GB
Total RAM: 3987 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:28:37, on 26. 11. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Windows\SysWOW64\UMonit64.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Roman.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com/?pc=TEJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll
O4 - HKLM\..\Run: [TSVU] "c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun
O4 - Startup: Odeslat do OneNote.lnk = C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - (no file)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\Windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: DTS APO Service (dts_apo_service) - Unknown owner - C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Foxit Reader Service (FoxitReaderService) - Foxit Software Inc. - C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TEMPRO Service (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA eco Utility Service - Toshiba Corporation - C:\Program Files\Toshiba\Teco\TecoService.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11140 bytes

======Listing Processes======





wininit.exe


C:\Windows\system32\lsass.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
taskhostex.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\system32\CxAudMsg64.exe
C:\Windows\System32\svchost.exe -k utcsvc
dashost.exe {d1616274-4213-4ed2-9268bf689bb14d08}
"C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe"
taskeng.exe {1A0EC80F-6FC1-4C40-8B95-00322089B85A}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe"
C:\Windows\SysWOW64\UMonit64.exe
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Skype\Updater\Updater.exe"
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\Toshiba\Teco\TecoService.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Toshiba\Teco\TecoResident.exe"
"C:\Program Files\Toshiba\TPHM\TosWaitSrv.exe"
"C:\Program Files\Toshiba\Hotkey\TCrdMain_Win8.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=54.0.2840.99 --handshake-handle=0x124
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PointerEvent<PointerEvent,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/ClientSideDetectionModel/Model0/DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/NonValidatingReloadOnNormalReload/Enabled2/OmniboxBundledExperimentV1/StandardR7/ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/SSLPost
Quantum/disabled/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Default/SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_28/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_08/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=5,15,16,17,20,34,51,60 --gpu-vendor-id=0x8086 --gpu-device-id=0x0156 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3308 --gpu-driver-date=9-16-2013 --mojo-application-channel-token=CA60D5550FDE113EB9802F11BE292754 --mojo-platform-channel-handle=1252 --ignored=" --type=renderer " /prefetch:2
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Users\Roman\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\mtso404o.default

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.111.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.111.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
NPOFF12.DLL

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-02 205416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-24 790552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office15\URLREDIR.DLL [2012-10-02 877720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2012-10-02 2322576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-02 139368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-21 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-24 664848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2012-10-02 704664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2012-10-02 1720976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-21 186944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-09-23 391152]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2013-09-23 771056]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-09-23 769520]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2015-08-14 601944]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2014-04-10 1830616]
"TecoResident"=C:\Program Files\TOSHIBA\Teco\TecoResident.exe [2013-08-21 178016]
"TosWaitSrv"=C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2013-08-13 354144]
"TCrdMain"=C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2013-08-18 2556768]
"TSSSrv"=C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [2013-09-12 296520]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-02-19 7416088]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"TSVU"=c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [2013-07-23 516512]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-11-16 9080768]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]

C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Odeslat do OneNote.lnk - C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-09-23 623104]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"PromptOnSecureDesktop"=0
"ConsentPromptBehaviorAdmin"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-11-26 20:25:08 ----D---- C:\_OTM
2016-11-26 19:17:02 ----D---- C:\AdwCleaner
2016-11-26 18:42:33 ----D---- C:\rsit
2016-11-26 18:42:33 ----D---- C:\Program Files\trend micro
2016-11-26 18:32:39 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-11-26 16:36:33 ----A---- C:\Windows\SYSWOW64\msvcr120_clr0400.dll
2016-11-26 16:36:33 ----A---- C:\Windows\SYSWOW64\msvcp120_clr0400.dll
2016-11-26 16:36:33 ----A---- C:\Windows\system32\msvcr120_clr0400.dll
2016-11-26 16:36:33 ----A---- C:\Windows\system32\msvcp120_clr0400.dll
2016-11-26 16:21:05 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-11-26 16:21:05 ----A---- C:\Windows\system32\rpcrt4.dll
2016-11-26 16:20:54 ----A---- C:\Windows\system32\polstore.dll
2016-11-26 16:20:54 ----A---- C:\Windows\system32\gpsvc.dll
2016-11-26 16:20:54 ----A---- C:\Windows\system32\gpapi.dll
2016-11-26 16:20:53 ----A---- C:\Windows\SYSWOW64\polstore.dll
2016-11-26 16:20:53 ----A---- C:\Windows\SYSWOW64\gpapi.dll
2016-11-26 16:20:53 ----A---- C:\Windows\SYSWOW64\FwRemoteSvr.dll
2016-11-26 16:20:53 ----A---- C:\Windows\system32\IPSECSVC.DLL
2016-11-26 16:20:53 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2016-11-26 16:20:22 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2016-11-26 16:20:22 ----A---- C:\Windows\system32\StructuredQuery.dll
2016-11-26 16:20:22 ----A---- C:\Windows\system32\drivers\rasl2tp.sys
2016-11-26 16:19:42 ----A---- C:\Windows\system32\samsrv.dll
2016-11-26 16:19:41 ----A---- C:\Windows\SYSWOW64\samlib.dll
2016-11-26 16:19:41 ----A---- C:\Windows\system32\samlib.dll
2016-11-26 16:19:38 ----A---- C:\Windows\SYSWOW64\Windows.UI.dll
2016-11-26 16:19:38 ----A---- C:\Windows\SYSWOW64\mfmp4srcsnk.dll
2016-11-26 16:19:38 ----A---- C:\Windows\system32\Windows.UI.dll
2016-11-26 16:19:38 ----A---- C:\Windows\system32\mfmp4srcsnk.dll
2016-11-26 16:19:00 ----A---- C:\Windows\system32\VSSVC.exe
2016-11-26 16:18:59 ----A---- C:\Windows\SYSWOW64\ntprint.dll
2016-11-26 16:18:59 ----A---- C:\Windows\system32\ntprint.dll
2016-11-26 16:18:59 ----A---- C:\Windows\system32\inetpp.dll
2016-11-26 16:18:59 ----A---- C:\Windows\system32\drivers\srvnet.sys
2016-11-26 16:18:59 ----A---- C:\Windows\system32\drivers\srv2.sys
2016-11-26 16:18:59 ----A---- C:\Windows\system32\drivers\srv.sys
2016-11-26 16:18:31 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2016-11-26 16:18:31 ----A---- C:\Windows\system32\WindowsCodecs.dll
2016-11-26 16:18:30 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2016-11-26 16:18:30 ----A---- C:\Windows\system32\msxml3.dll
2016-11-26 16:18:22 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2016-11-26 16:18:22 ----A---- C:\Windows\system32\WsmSvc.dll
2016-11-26 16:18:21 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2016-11-26 16:18:21 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2016-11-26 16:18:21 ----A---- C:\Windows\SYSWOW64\WsmAgent.dll
2016-11-26 16:18:21 ----A---- C:\Windows\system32\WsmWmiPl.dll
2016-11-26 16:18:21 ----A---- C:\Windows\system32\WsmAuto.dll
2016-11-26 16:18:21 ----A---- C:\Windows\system32\WsmAgent.dll
2016-11-26 16:18:21 ----A---- C:\Windows\system32\drivers\IPMIDrv.sys
2016-11-26 16:17:56 ----A---- C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2016-11-26 16:17:51 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-11-26 16:17:51 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-11-26 16:17:50 ----A---- C:\Windows\SYSWOW64\usercpl.dll
2016-11-26 16:17:50 ----A---- C:\Windows\SYSWOW64\themecpl.dll
2016-11-26 16:17:50 ----A---- C:\Windows\SYSWOW64\stobject.dll
2016-11-26 16:17:50 ----A---- C:\Windows\SYSWOW64\SettingSyncHost.exe
2016-11-26 16:17:50 ----A---- C:\Windows\SYSWOW64\SettingSyncCore.dll
2016-11-26 16:17:50 ----A---- C:\Windows\SYSWOW64\SettingSync.dll
2016-11-26 16:17:50 ----A---- C:\Windows\SYSWOW64\hgcpl.dll
2016-11-26 16:17:50 ----A---- C:\Windows\SYSWOW64\AppxAllUserStore.dll
2016-11-26 16:17:50 ----A---- C:\Windows\system32\usercpl.dll
2016-11-26 16:17:50 ----A---- C:\Windows\system32\themecpl.dll
2016-11-26 16:17:50 ----A---- C:\Windows\system32\SystemSettingsAdminFlows.exe
2016-11-26 16:17:50 ----A---- C:\Windows\system32\stobject.dll
2016-11-26 16:17:50 ----A---- C:\Windows\system32\SettingSyncHost.exe
2016-11-26 16:17:50 ----A---- C:\Windows\system32\SettingSyncCore.dll
2016-11-26 16:17:50 ----A---- C:\Windows\system32\SettingSync.dll
2016-11-26 16:17:50 ----A---- C:\Windows\system32\SettingsHandlers.dll
2016-11-26 16:17:50 ----A---- C:\Windows\system32\SettingMonitor.dll
2016-11-26 16:17:50 ----A---- C:\Windows\system32\hgcpl.dll
2016-11-26 16:17:50 ----A---- C:\Windows\system32\AppXDeploymentExtensions.dll
2016-11-26 16:17:50 ----A---- C:\Windows\system32\AppxAllUserStore.dll
2016-11-26 16:17:49 ----A---- C:\Windows\SYSWOW64\SettingMonitor.dll
2016-11-26 16:17:49 ----A---- C:\Windows\system32\AppXDeploymentServer.dll
2016-11-26 16:17:41 ----A---- C:\Windows\system32\workfolderssvc.dll
2016-11-26 16:17:41 ----A---- C:\Windows\system32\WorkfoldersControl.dll
2016-11-26 16:16:32 ----A---- C:\Windows\system32\mtxoci.dll
2016-11-26 16:16:31 ----A---- C:\Windows\SYSWOW64\mtxoci.dll
2016-11-26 16:16:31 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2016-11-26 16:16:27 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-11-26 16:16:27 ----A---- C:\Windows\system32\schannel.dll
2016-11-26 16:16:26 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-11-26 16:16:26 ----A---- C:\Windows\system32\oleaut32.dll
2016-11-26 16:16:26 ----A---- C:\Windows\system32\drivers\disk.sys
2016-11-26 16:15:36 ----A---- C:\Windows\SYSWOW64\Windows.Data.Pdf.dll
2016-11-26 16:15:36 ----A---- C:\Windows\SYSWOW64\glcndFilter.dll
2016-11-26 16:15:36 ----A---- C:\Windows\system32\Windows.Data.Pdf.dll
2016-11-26 16:15:35 ----A---- C:\Windows\system32\glcndFilter.dll
2016-11-26 16:15:34 ----A---- C:\Windows\system32\drivers\vpci.sys
2016-11-26 16:15:06 ----A---- C:\Windows\SYSWOW64\storagewmi.dll
2016-11-26 16:15:06 ----A---- C:\Windows\system32\storagewmi.dll
2016-11-26 16:15:03 ----A---- C:\Windows\SYSWOW64\dsparse.dll
2016-11-26 16:15:03 ----A---- C:\Windows\system32\dsparse.dll
2016-11-26 16:15:01 ----A---- C:\Windows\SYSWOW64\dhcpsapi.dll
2016-11-26 16:15:01 ----A---- C:\Windows\system32\dhcpsapi.dll
2016-11-26 16:14:28 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2016-11-26 16:14:28 ----A---- C:\Windows\system32\nshwfp.dll
2016-11-26 16:14:28 ----A---- C:\Windows\system32\IKEEXT.DLL
2016-11-26 16:14:28 ----A---- C:\Windows\system32\dnsrslvr.dll
2016-11-26 16:14:28 ----A---- C:\Windows\system32\dnsapi.dll
2016-11-26 16:14:27 ----A---- C:\Windows\system32\vpnike.dll
2016-11-26 16:14:27 ----A---- C:\Windows\system32\rdpcorets.dll
2016-11-26 16:14:26 ----A---- C:\Windows\SYSWOW64\rasapi32.dll
2016-11-26 16:14:26 ----A---- C:\Windows\SYSWOW64\mprdim.dll
2016-11-26 16:14:26 ----A---- C:\Windows\SYSWOW64\mprddm.dll
2016-11-26 16:14:26 ----A---- C:\Windows\system32\rasmans.dll
2016-11-26 16:14:26 ----A---- C:\Windows\system32\rasapi32.dll
2016-11-26 16:14:26 ----A---- C:\Windows\system32\mprdim.dll
2016-11-26 16:14:26 ----A---- C:\Windows\system32\mprddm.dll
2016-11-26 16:14:26 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2016-11-26 16:14:25 ----A---- C:\Windows\SYSWOW64\dssenh.dll
2016-11-26 16:14:25 ----A---- C:\Windows\system32\wpdbusenum.dll
2016-11-26 16:14:25 ----A---- C:\Windows\system32\rdpudd.dll
2016-11-26 16:14:25 ----A---- C:\Windows\system32\rdpclip.exe
2016-11-26 16:14:25 ----A---- C:\Windows\system32\rasppp.dll
2016-11-26 16:14:25 ----A---- C:\Windows\system32\rasman.dll
2016-11-26 16:14:25 ----A---- C:\Windows\system32\rascustom.dll
2016-11-26 16:14:25 ----A---- C:\Windows\system32\dssenh.dll
2016-11-26 16:14:25 ----A---- C:\Windows\system32\drivers\agilevpn.sys
2016-11-26 16:14:24 ----A---- C:\Windows\SYSWOW64\iprtrmgr.dll
2016-11-26 16:14:24 ----A---- C:\Windows\system32\iprtrmgr.dll
2016-11-26 16:14:23 ----A---- C:\Windows\SYSWOW64\rasppp.dll
2016-11-26 16:14:23 ----A---- C:\Windows\SYSWOW64\rasman.dll
2016-11-26 16:13:38 ----A---- C:\Windows\SYSWOW64\shacct.dll
2016-11-26 16:13:38 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeui.exe
2016-11-26 16:13:38 ----A---- C:\Windows\system32\shacct.dll
2016-11-26 16:13:29 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2016-11-26 16:13:29 ----A---- C:\Windows\system32\iepeers.dll
2016-11-26 16:13:28 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-11-26 16:13:28 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-11-26 16:13:28 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-11-26 16:13:28 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-11-26 16:13:28 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-11-26 16:13:28 ----A---- C:\Windows\system32\ie4uinit.exe
2016-11-26 16:13:27 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-11-26 16:13:26 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-11-26 16:13:26 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-11-26 16:13:26 ----A---- C:\Windows\system32\urlmon.dll
2016-11-26 16:13:26 ----A---- C:\Windows\system32\iedkcs32.dll
2016-11-26 16:13:26 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-11-26 16:13:25 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-11-26 16:13:25 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-11-26 16:13:25 ----A---- C:\Windows\system32\vbscript.dll
2016-11-26 16:13:25 ----A---- C:\Windows\system32\msfeeds.dll
2016-11-26 16:13:24 ----A---- C:\Windows\system32\ieapfltr.dll
2016-11-26 16:13:23 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-11-26 16:13:23 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-11-26 16:13:23 ----A---- C:\Windows\system32\iertutil.dll
2016-11-26 16:13:22 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-11-26 16:13:22 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2016-11-26 16:13:22 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-11-26 16:13:22 ----A---- C:\Windows\system32\drivers\dfsc.sys
2016-11-26 16:13:22 ----A---- C:\Windows\system32\DafPrintProvider.dll
2016-11-26 16:13:21 ----A---- C:\Windows\system32\microsoft-windows-system-events.dll
2016-11-26 16:13:21 ----A---- C:\Windows\system32\jscript.dll
2016-11-26 16:13:20 ----A---- C:\Windows\system32\ieframe.dll
2016-11-26 16:13:20 ----A---- C:\Windows\system32\dxtrans.dll
2016-11-26 16:13:19 ----A---- C:\Windows\system32\webcheck.dll
2016-11-26 16:13:19 ----A---- C:\Windows\system32\jscript9.dll
2016-11-26 16:13:18 ----A---- C:\Windows\system32\ieui.dll
2016-11-26 16:13:17 ----A---- C:\Windows\system32\win32k.sys
2016-11-26 16:13:17 ----A---- C:\Windows\system32\inetcomm.dll
2016-11-26 16:13:16 ----A---- C:\Windows\system32\wininet.dll
2016-11-26 16:13:16 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-11-26 16:13:16 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-11-26 16:13:15 ----A---- C:\Windows\system32\mshtml.dll
2016-11-26 16:13:13 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2016-11-26 16:13:13 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2016-11-26 16:13:13 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-11-26 16:13:12 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-11-26 16:13:12 ----A---- C:\Windows\SYSWOW64\netlogon.dll
2016-11-26 16:13:12 ----A---- C:\Windows\system32\twinui.appcore.dll
2016-11-26 16:13:12 ----A---- C:\Windows\system32\MSVidCtl.dll
2016-11-26 16:13:11 ----A---- C:\Windows\system32\ole32.dll
2016-11-26 16:13:11 ----A---- C:\Windows\system32\msv1_0.dll
2016-11-26 16:13:11 ----A---- C:\Windows\system32\lsasrv.dll
2016-11-26 16:13:10 ----A---- C:\Windows\system32\netlogon.dll
2016-11-26 16:13:09 ----A---- C:\Windows\SYSWOW64\twinui.appcore.dll
2016-11-26 16:13:07 ----A---- C:\Windows\system32\wmp.dll
2016-11-26 16:13:06 ----A---- C:\Windows\SYSWOW64\wmp.dll
2016-11-26 16:13:05 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2016-11-26 16:13:05 ----A---- C:\Windows\system32\winresume.exe
2016-11-26 16:13:05 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-11-26 16:13:05 ----A---- C:\Windows\system32\bcryptprimitives.dll
2016-11-26 16:13:04 ----A---- C:\Windows\system32\winload.exe
2016-11-26 16:13:04 ----A---- C:\Windows\system32\drivers\cng.sys
2016-11-26 16:13:03 ----A---- C:\Windows\system32\drivers\vhdmp.sys
2016-11-26 16:13:01 ----A---- C:\Windows\SYSWOW64\esent.dll
2016-11-26 16:13:01 ----A---- C:\Windows\system32\esent.dll
2016-11-26 16:13:01 ----A---- C:\Windows\system32\diagtrack.dll
2016-11-26 16:13:00 ----A---- C:\Windows\system32\DWrite.dll
2016-11-26 16:12:58 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2016-11-26 16:12:58 ----A---- C:\Windows\system32\win32spl.dll
2016-11-26 16:12:58 ----A---- C:\Windows\system32\localspl.dll
2016-11-26 16:12:58 ----A---- C:\Windows\system32\FntCache.dll
2016-11-26 16:12:57 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2016-11-26 16:12:57 ----A---- C:\Windows\system32\Windows.Media.Streaming.dll
2016-11-26 16:12:57 ----A---- C:\Windows\system32\GdiPlus.dll
2016-11-26 16:12:57 ----A---- C:\Windows\system32\d3d11.dll
2016-11-26 16:12:57 ----A---- C:\Windows\system32\certcli.dll
2016-11-26 16:12:56 ----A---- C:\Windows\SYSWOW64\Windows.Media.Streaming.dll
2016-11-26 16:12:56 ----A---- C:\Windows\system32\puiobj.dll
2016-11-26 16:12:56 ----A---- C:\Windows\system32\mshtmled.dll
2016-11-26 16:12:55 ----A---- C:\Windows\SYSWOW64\puiobj.dll
2016-11-26 16:12:55 ----A---- C:\Windows\SYSWOW64\GdiPlus.dll
2016-11-26 16:12:55 ----A---- C:\Windows\system32\wbengine.exe
2016-11-26 16:12:55 ----A---- C:\Windows\system32\drivers\refs.sys
2016-11-26 16:12:54 ----A---- C:\Windows\SYSWOW64\SessEnv.dll
2016-11-26 16:12:54 ----A---- C:\Windows\SYSWOW64\msdtcprx.dll
2016-11-26 16:12:54 ----A---- C:\Windows\SYSWOW64\DafPrintProvider.dll
2016-11-26 16:12:54 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-11-26 16:12:54 ----A---- C:\Windows\system32\SessEnv.dll
2016-11-26 16:12:54 ----A---- C:\Windows\system32\ntshrui.dll
2016-11-26 16:12:54 ----A---- C:\Windows\system32\msdtcprx.dll
2016-11-26 16:12:54 ----A---- C:\Windows\system32\atmfd.dll
2016-11-26 16:12:53 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2016-11-26 16:12:53 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-11-26 16:12:53 ----A---- C:\Windows\system32\vmrdvcore.dll
2016-11-26 16:12:53 ----A---- C:\Windows\system32\msctf.dll
2016-11-26 16:12:53 ----A---- C:\Windows\system32\drivers\clfs.sys
2016-11-26 16:12:52 ----A---- C:\Windows\SYSWOW64\puiapi.dll
2016-11-26 16:12:52 ----A---- C:\Windows\system32\puiapi.dll
2016-11-26 16:12:52 ----A---- C:\Windows\system32\pdh.dll
2016-11-26 16:12:52 ----A---- C:\Windows\system32\mfsvr.dll
2016-11-26 16:12:52 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2016-11-26 16:12:51 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-11-26 16:12:51 ----A---- C:\Windows\SYSWOW64\msctf.dll
2016-11-26 16:12:51 ----A---- C:\Windows\system32\drivers\spaceport.sys
2016-11-26 16:12:50 ----A---- C:\Windows\SYSWOW64\pdh.dll
2016-11-26 16:12:50 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-11-26 16:12:50 ----A---- C:\Windows\system32\drivers\bowser.sys
2016-11-26 16:12:49 ----A---- C:\Windows\SYSWOW64\mfsvr.dll
2016-11-26 16:12:49 ----A---- C:\Windows\system32\drivers\parport.sys
2016-11-26 16:12:48 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2016-11-26 16:12:48 ----A---- C:\Windows\system32\wmploc.DLL
2016-11-26 16:12:46 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2016-11-26 16:12:45 ----A---- C:\Windows\SYSWOW64\adsmsext.dll
2016-11-26 16:12:45 ----A---- C:\Windows\system32\adsmsext.dll
2016-11-26 16:12:43 ----A---- C:\Windows\SYSWOW64\rastapi.dll
2016-11-26 16:12:43 ----A---- C:\Windows\system32\UIAnimation.dll
2016-11-26 16:12:43 ----A---- C:\Windows\system32\PlayToDevice.dll
2016-11-26 16:12:43 ----A---- C:\Windows\system32\iscsiexe.dll
2016-11-26 16:12:40 ----A---- C:\Windows\system32\drivers\tm.sys
2016-11-26 16:12:29 ----A---- C:\Windows\SYSWOW64\PlayToDevice.dll
2016-11-26 16:12:29 ----A---- C:\Windows\SYSWOW64\iscsiwmi.dll
2016-11-26 16:12:29 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-11-26 16:12:29 ----A---- C:\Windows\system32\rastapi.dll
2016-11-26 16:12:29 ----A---- C:\Windows\system32\offreg.dll
2016-11-26 16:12:29 ----A---- C:\Windows\system32\iscsiwmi.dll
2016-11-26 16:12:29 ----A---- C:\Windows\system32\drivers\vwifimp.sys
2016-11-26 16:12:29 ----A---- C:\Windows\system32\asycfilt.dll
2016-11-26 16:12:28 ----A---- C:\Windows\SYSWOW64\offreg.dll
2016-11-26 16:12:28 ----A---- C:\Windows\SYSWOW64\iscsidsc.dll
2016-11-26 16:12:28 ----A---- C:\Windows\SYSWOW64\input.dll
2016-11-26 16:12:28 ----A---- C:\Windows\system32\xolehlp.dll
2016-11-26 16:12:28 ----A---- C:\Windows\system32\iscsidsc.dll
2016-11-26 16:12:28 ----A---- C:\Windows\system32\input.dll
2016-11-26 16:12:28 ----A---- C:\Windows\system32\drivers\vwifibus.sys
2016-11-26 16:12:28 ----A---- C:\Windows\system32\drivers\serial.sys
2016-11-26 16:12:28 ----A---- C:\Windows\system32\dab.dll
2016-11-26 16:12:27 ----A---- C:\Windows\SYSWOW64\xolehlp.dll
2016-11-26 16:12:27 ----A---- C:\Windows\system32\drivers\serenum.sys
2016-11-26 16:12:26 ----A---- C:\Windows\system32\drivers\vwififlt.sys
2016-11-26 16:12:25 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-11-26 16:12:25 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-11-26 16:12:25 ----A---- C:\Windows\system32\atmlib.dll
2016-11-26 16:09:39 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2016-11-26 16:09:39 ----A---- C:\Windows\system32\d3d10level9.dll
2016-11-26 16:09:36 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-11-26 16:09:36 ----A---- C:\Windows\system32\sspicli.dll
2016-11-26 16:09:36 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-11-26 16:09:35 ----A---- C:\Windows\system32\drivers\volsnap.sys
2016-11-26 16:09:14 ----A---- C:\Windows\system32\poqexec.exe
2016-11-26 16:09:13 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2016-11-26 16:06:22 ----A---- C:\Windows\system32\ntdll.dll
2016-11-26 16:06:21 ----A---- C:\Windows\system32\csrsrv.dll
2016-11-26 16:05:38 ----A---- C:\Windows\system32\dpapisrv.dll
2016-11-26 16:04:44 ----A---- C:\Windows\system32\drivers\tcpip.sys
2016-11-26 16:04:41 ----A---- C:\Windows\SYSWOW64\IPHLPAPI.DLL
2016-11-26 16:04:41 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2016-11-26 16:04:09 ----A---- C:\Windows\system32\user32.dll
2016-11-26 16:04:08 ----A---- C:\Windows\SYSWOW64\user32.dll
2016-11-26 16:03:45 ----A---- C:\Windows\system32\wwanmm.dll
2016-11-26 16:03:45 ----A---- C:\Windows\system32\wwanconn.dll
2016-11-26 16:03:45 ----A---- C:\Windows\system32\pnidui.dll
2016-11-26 16:03:32 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-11-26 16:03:31 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-11-26 16:03:31 ----A---- C:\Windows\SYSWOW64\msi.dll
2016-11-26 16:03:31 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-11-26 16:03:30 ----A---- C:\Windows\system32\msi.dll
2016-11-26 16:03:30 ----A---- C:\Windows\system32\consent.exe
2016-11-26 16:03:30 ----A---- C:\Windows\system32\appinfo.dll
2016-11-26 16:03:29 ----A---- C:\Windows\system32\ncrypt.dll
2016-11-26 16:03:29 ----A---- C:\Windows\system32\KernelBase.dll
2016-11-26 16:03:27 ----A---- C:\Windows\system32\sppsvc.exe
2016-11-26 16:03:26 ----A---- C:\Windows\system32\Windows.UI.Xaml.dll
2016-11-26 16:03:11 ----A---- C:\Windows\SYSWOW64\Windows.UI.Xaml.dll
2016-11-26 16:03:08 ----A---- C:\Windows\system32\sppobjs.dll
2016-11-26 16:03:07 ----A---- C:\Windows\system32\wuaueng.dll
2016-11-26 16:03:07 ----A---- C:\Windows\system32\crypt32.dll
2016-11-26 16:03:06 ----A---- C:\Windows\system32\drivers\rdbss.sys
2016-11-26 16:03:05 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2016-11-26 16:03:05 ----A---- C:\Windows\system32\drivers\fvevol.sys
2016-11-26 16:03:05 ----A---- C:\Windows\system32\CertEnroll.dll
2016-11-26 16:03:04 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2016-11-26 16:03:04 ----A---- C:\Windows\system32\winhttp.dll
2016-11-26 16:03:04 ----A---- C:\Windows\system32\sppwinob.dll
2016-11-26 16:03:03 ----A---- C:\Windows\SYSWOW64\CertEnroll.dll
2016-11-26 16:03:03 ----A---- C:\Windows\system32\rpcss.dll
2016-11-26 16:03:02 ----A---- C:\Windows\system32\kerberos.dll
2016-11-26 16:03:02 ----A---- C:\Windows\system32\drivers\mup.sys
2016-11-26 16:02:57 ----A---- C:\Windows\system32\webio.dll
2016-11-26 16:02:57 ----A---- C:\Windows\system32\drivers\ndiswan.sys
2016-11-26 16:02:56 ----A---- C:\Windows\system32\wuapi.dll
2016-11-26 16:02:55 ----A---- C:\Windows\SYSWOW64\webio.dll
2016-11-26 16:02:55 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2016-11-26 16:02:55 ----A---- C:\Windows\system32\rdpcore.dll
2016-11-26 16:02:55 ----A---- C:\Windows\system32\MPSSVC.dll
2016-11-26 16:02:55 ----A---- C:\Windows\system32\iphlpsvc.dll
2016-11-26 16:02:54 ----A---- C:\Windows\SYSWOW64\ncryptsslp.dll
2016-11-26 16:02:54 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-11-26 16:02:54 ----A---- C:\Windows\system32\wucltux.dll
2016-11-26 16:02:54 ----A---- C:\Windows\system32\Windows.Devices.Geolocation.dll
2016-11-26 16:02:54 ----A---- C:\Windows\system32\tpmvsc.dll
2016-11-26 16:02:54 ----A---- C:\Windows\system32\drivers\storport.sys
2016-11-26 16:02:54 ----A---- C:\Windows\system32\drivers\hidclass.sys
2016-11-26 16:02:54 ----A---- C:\Windows\system32\certutil.exe
2016-11-26 16:02:53 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-11-26 16:02:53 ----A---- C:\Windows\system32\drivers\hidusb.sys
2016-11-26 16:02:53 ----A---- C:\Windows\system32\drivers\dumpfve.sys
2016-11-26 16:02:53 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2016-11-26 16:02:52 ----A---- C:\Windows\SYSWOW64\Windows.Devices.Geolocation.dll
2016-11-26 16:02:52 ----A---- C:\Windows\SYSWOW64\UserAccountBroker.exe
2016-11-26 16:02:52 ----A---- C:\Windows\SYSWOW64\LocationApi.dll
2016-11-26 16:02:52 ----A---- C:\Windows\SYSWOW64\cryptxml.dll
2016-11-26 16:02:52 ----A---- C:\Windows\system32\UserAccountBroker.exe
2016-11-26 16:02:52 ----A---- C:\Windows\system32\ncryptsslp.dll
2016-11-26 16:02:52 ----A---- C:\Windows\system32\msiexec.exe
2016-11-26 16:02:52 ----A---- C:\Windows\system32\LocationApi.dll
2016-11-26 16:02:52 ----A---- C:\Windows\system32\gpresult.exe
2016-11-26 16:02:52 ----A---- C:\Windows\system32\drivers\stornvme.sys
2016-11-26 16:02:52 ----A---- C:\Windows\system32\cryptxml.dll
2016-11-26 16:02:51 ----A---- C:\Windows\SYSWOW64\wfapigp.dll
2016-11-26 16:02:51 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2016-11-26 16:02:51 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2016-11-26 16:02:51 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2016-11-26 16:02:51 ----A---- C:\Windows\SYSWOW64\FirewallAPI.dll
2016-11-26 16:02:51 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2016-11-26 16:02:51 ----A---- C:\Windows\system32\wuauclt.exe
2016-11-26 16:02:51 ----A---- C:\Windows\system32\wfapigp.dll
2016-11-26 16:02:51 ----A---- C:\Windows\system32\WebClnt.dll
2016-11-26 16:02:51 ----A---- C:\Windows\system32\hbaapi.dll
2016-11-26 16:02:51 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2016-11-26 16:02:51 ----A---- C:\Windows\system32\fveapi.dll
2016-11-26 16:02:51 ----A---- C:\Windows\system32\FirewallAPI.dll
2016-11-26 16:02:51 ----A---- C:\Windows\system32\BFE.DLL
2016-11-26 16:02:51 ----A---- C:\Windows\system32\bdesvc.dll
2016-11-26 16:02:51 ----A---- C:\Windows\system32\BdeHdCfgLib.dll
2016-11-26 16:02:50 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-11-26 16:02:50 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-11-26 16:02:50 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-11-26 16:02:50 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2016-11-26 16:02:50 ----A---- C:\Windows\SYSWOW64\hbaapi.dll
2016-11-26 16:02:50 ----A---- C:\Windows\SYSWOW64\gpresult.exe
2016-11-26 16:02:50 ----A---- C:\Windows\SYSWOW64\certutil.exe
2016-11-26 16:02:50 ----A---- C:\Windows\SYSWOW64\certenc.dll
2016-11-26 16:02:50 ----A---- C:\Windows\system32\wuwebv.dll
2016-11-26 16:02:50 ----A---- C:\Windows\system32\wudriver.dll
2016-11-26 16:02:50 ----A---- C:\Windows\system32\wuapp.exe
2016-11-26 16:02:50 ----A---- C:\Windows\system32\httpprxp.dll
2016-11-26 16:02:50 ----A---- C:\Windows\system32\httpprxm.dll
2016-11-26 16:02:50 ----A---- C:\Windows\system32\fvecpl.dll
2016-11-26 16:02:50 ----A---- C:\Windows\system32\drivers\hidparse.sys
2016-11-26 16:02:50 ----A---- C:\Windows\system32\certenc.dll
2016-11-26 16:02:50 ----A---- C:\Windows\system32\adhsvc.dll
2016-11-26 16:01:49 ----A---- C:\Windows\system32\drivers\volmgr.sys
2016-11-26 16:01:48 ----A---- C:\Windows\SYSWOW64\twinui.dll
2016-11-26 16:01:47 ----A---- C:\Windows\system32\twinui.dll
2016-11-26 16:01:46 ----A---- C:\Windows\SYSWOW64\explorer.exe
2016-11-26 16:01:46 ----A---- C:\Windows\system32\shell32.dll
2016-11-26 16:01:46 ----A---- C:\Windows\explorer.exe
2016-11-26 16:01:45 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-11-26 16:01:30 ----A---- C:\Windows\SYSWOW64\RestoreOptIn.exe
2016-11-26 16:01:30 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-11-26 16:01:30 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2016-11-26 16:01:30 ----A---- C:\Windows\system32\RestoreOptIn.exe
2016-11-26 16:01:30 ----A---- C:\Windows\system32\authui.dll
2016-11-26 16:01:30 ----A---- C:\Windows\system32\actxprxy.dll
2016-11-26 16:01:20 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-11-26 16:01:20 ----A---- C:\Windows\system32\gdi32.dll
2016-11-26 16:01:20 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2016-11-26 16:00:55 ----A---- C:\Windows\system32\basesrv.dll
2016-11-26 16:00:50 ----A---- C:\Windows\SYSWOW64\ws2_32.dll
2016-11-26 16:00:50 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2016-11-26 16:00:50 ----A---- C:\Windows\system32\ws2_32.dll
2016-11-26 16:00:50 ----A---- C:\Windows\system32\mswsock.dll
2016-11-26 16:00:50 ----A---- C:\Windows\system32\drivers\netbt.sys
2016-11-26 12:37:02 ----D---- C:\ProgramData\Foxit Software
2016-11-26 12:36:58 ----D---- C:\ProgramData\Foxit ContentPlatform
2016-11-26 11:36:47 ----A---- C:\Windows\SYSWOW64\hlink.dll
2016-11-26 11:36:47 ----A---- C:\Windows\system32\hlink.dll
2016-11-26 11:36:19 ----A---- C:\Windows\system32\drivers\ntfs.sys
2016-11-26 11:35:18 ----A---- C:\Windows\system32\drivers\usbehci.sys
2016-11-26 11:35:14 ----A---- C:\Windows\SYSWOW64\mispace.dll
2016-11-26 11:35:14 ----A---- C:\Windows\system32\mispace.dll
2016-11-26 11:34:44 ----A---- C:\Windows\system32\rsaenh.dll
2016-11-26 11:34:43 ----A---- C:\Windows\SYSWOW64\rsaenh.dll
2016-11-26 11:33:51 ----A---- C:\Windows\SYSWOW64\wscapi.dll
2016-11-26 11:33:51 ----A---- C:\Windows\system32\wscsvc.dll
2016-11-26 11:33:51 ----A---- C:\Windows\system32\wscapi.dll
2016-11-26 11:33:24 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
2016-11-26 11:33:24 ----A---- C:\Windows\system32\comsvcs.dll
2016-11-26 11:33:22 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2016-11-26 11:33:22 ----A---- C:\Windows\system32\ucrtbase.dll
2016-11-26 11:33:22 ----A---- C:\Windows\system32\seclogon.dll
2016-11-26 11:33:05 ----A---- C:\Windows\system32\drivers\netio.sys
2016-11-26 11:33:03 ----A---- C:\Windows\SYSWOW64\WMASF.DLL
2016-11-26 11:33:03 ----A---- C:\Windows\system32\WMASF.DLL
2016-11-26 11:32:58 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2016-11-26 11:32:31 ----A---- C:\Windows\system32\winlogon.exe
2016-11-26 11:32:30 ----A---- C:\Windows\system32\msra.exe
2016-11-26 11:32:25 ----A---- C:\Windows\SYSWOW64\mfds.dll
2016-11-26 11:32:25 ----A---- C:\Windows\system32\mfds.dll

======List of files/folders modified in the last 1 month======

2016-11-26 20:28:27 ----D---- C:\Windows\Temp
2016-11-26 20:28:06 ----D---- C:\Windows\Prefetch
2016-11-26 20:26:06 ----RAD---- C:\Windows\System32
2016-11-26 20:26:06 ----D---- C:\Windows\Inf
2016-11-26 20:26:06 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-11-26 20:25:08 ----D---- C:\Windows\Tasks
2016-11-26 20:22:53 ----D---- C:\Windows\system32\sru
2016-11-26 19:27:53 ----D---- C:\Windows\system32\config
2016-11-26 19:08:16 ----D---- C:\Windows\Microsoft.NET
2016-11-26 19:08:14 ----RSD---- C:\Windows\assembly
2016-11-26 18:42:33 ----RD---- C:\Program Files
2016-11-26 18:33:28 ----D---- C:\Windows\SysWOW64
2016-11-26 18:32:46 ----D---- C:\Windows\WinSxS
2016-11-26 18:31:29 ----D---- C:\Windows\Logs
2016-11-26 18:30:01 ----AD---- C:\Windows
2016-11-26 18:23:06 ----D---- C:\Windows\system32\drivers
2016-11-26 18:23:06 ----D---- C:\Windows\apppatch
2016-11-26 18:22:59 ----D---- C:\Windows\SYSWOW64\wbem
2016-11-26 18:22:59 ----D---- C:\Windows\system32\wbem
2016-11-26 18:22:56 ----D---- C:\Windows\SYSWOW64\setup
2016-11-26 18:22:55 ----D---- C:\Windows\system32\setup
2016-11-26 18:22:51 ----RD---- C:\Windows\ToastData
2016-11-26 18:22:49 ----D---- C:\Windows\SYSWOW64\migration
2016-11-26 18:22:49 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-11-26 18:22:49 ----D---- C:\Program Files\Internet Explorer
2016-11-26 18:22:49 ----D---- C:\Program Files (x86)\Internet Explorer
2016-11-26 18:22:48 ----D---- C:\Windows\SYSWOW64\en-US
2016-11-26 18:22:46 ----D---- C:\Windows\system32\migration
2016-11-26 18:22:46 ----D---- C:\Windows\system32\cs-CZ
2016-11-26 18:22:46 ----D---- C:\Windows\system32\Boot
2016-11-26 18:22:40 ----D---- C:\Windows\system32\en-US
2016-11-26 18:22:37 ----D---- C:\Windows\system32\CodeIntegrity
2016-11-26 18:22:35 ----D---- C:\Windows\system32\drivers\en-US
2016-11-26 18:22:35 ----D---- C:\Windows\system32\drivers\cs-CZ
2016-11-26 18:22:34 ----D---- C:\Windows\ShellNew
2016-11-26 18:22:09 ----D---- C:\Windows\system32\DriverStore
2016-11-26 17:29:30 ----D---- C:\Windows\CbsTemp
2016-11-26 16:49:50 ----D---- C:\Windows\system32\MRT
2016-11-26 16:44:35 ----D---- C:\Windows\debug
2016-11-26 16:44:25 ----AC---- C:\Windows\system32\MRT.exe
2016-11-26 16:21:39 ----SHD---- C:\System Volume Information
2016-11-26 16:20:40 ----D---- C:\Windows\system32\catroot2
2016-11-26 12:37:02 ----HD---- C:\ProgramData
2016-11-26 12:34:15 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-11-26 12:29:02 ----SHD---- C:\Windows\Installer
2016-11-26 12:28:56 ----D---- C:\Program Files (x86)\TOSHIBA
2016-11-26 12:28:47 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-11-26 12:28:20 ----D---- C:\Program Files (x86)
2016-11-26 12:28:01 ----D---- C:\Program Files (x86)\TOSHIBA Games
2016-11-26 12:27:32 ----D---- C:\ProgramData\WildTangent
2016-11-26 12:27:30 ----D---- C:\Program Files (x86)\WildTangent Games
2016-11-26 12:23:53 ----D---- C:\Windows\Minidump
2016-11-26 11:10:29 ----D---- C:\Windows\AppReadiness
2016-11-25 19:59:13 ----HD---- C:\Program Files\WindowsApps
2016-11-23 10:00:41 ----RD---- C:\Program Files (x86)\Skype
2016-11-21 18:26:37 ----D---- C:\Windows\SoftwareDistribution
2016-11-21 17:07:22 ----D---- C:\ProgramData\Oracle
2016-11-21 17:07:06 ----D---- C:\Program Files (x86)\Java
2016-11-21 17:06:55 ----D---- C:\Program Files (x86)\Common Files
2016-11-21 17:06:34 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2016-11-21 17:02:34 ----D---- C:\Users\Roman\AppData\Roaming\BitTorrent

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-09-09 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-10-13 293352]
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2013-08-31 644968]
R0 tos_sps64;@oem21.inf,%SERVICE_DESC_amd64%;TOSHIBA tos_sps64 Service; C:\Windows\System32\drivers\tos_sps64.sys [2012-06-18 499096]
R0 TVALZ;@oem16.inf,%TVALZ.SvcDesc%;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\System32\drivers\TVALZ_O.SYS [2013-08-15 32832]
R0 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\System32\Drivers\TVALZFL.sys [2012-07-21 16768]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-09-09 37144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-09-09 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-09-13 969184]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-09-25 513632]
R1 dtsoftbus01;@oem30.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\Windows\System32\drivers\dtsoftbus01.sys [2016-08-09 254528]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2016-08-13 71680]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-09-09 108816]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-09-09 163416]
R3 athr;@oem22.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athwbx.sys [2013-10-24 3858944]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2013-10-01 594632]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 CnxtHdAudService;@oem9.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2013-07-18 1387712]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-09-23 4177920]
R3 IntcDAud;@oem4.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-09-23 449528]
R3 iwdbus;@oem7.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2013-08-22 26008]
R3 L1C;@oem17.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C63x64.sys [2013-07-18 130248]
R3 MEIx64;@oem3.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-03 99288]
R3 QIOMem;@oem1.inf,%SERVICE_DISPLAY_NAME%;Generic IO & Memory Access; C:\Windows\System32\drivers\QIOMem.sys [2013-08-06 14000]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-08-22 34544]
R3 SynTP;@oem24.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2014-08-06 528112]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2012-07-25 31184]
R3 Thotkey;@oem13.inf,%Thotkey%;Toshiba Hotkey Driver; C:\Windows\System32\drivers\Thotkey.sys [2013-08-19 32624]
R3 tosrfec;@oem23.inf,%busenum.SVCDESC%;Bluetooth ACPI; C:\Windows\System32\drivers\tosrfec.sys [2013-11-01 27032]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2016-08-13 38912]
S3 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-09-09 37656]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\Windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2015-07-10 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 dg_ssudbus;@oem38.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 dot4;@oem26.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem27.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\Windows\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
S3 dot4usb;@oem26.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 dtlitescsibus;@oem28.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\System32\drivers\dtlitescsibus.sys [2016-07-05 30264]
S3 dtliteusbbus;@oem29.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\Windows\System32\drivers\dtliteusbbus.sys [2016-07-05 47672]
S3 intaud_WaveExtensible;@oem6.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2015-07-20 50240]
S3 mfencrk;McAfee Inc. mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [2014-09-19 96600]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
S3 RTWlanE;@netrtwlane.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\Windows\system32\DRIVERS\rtwlane.sys [2013-07-31 1936088]
S3 ssudmdm;@oem39.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 ssudserd;@oem40.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudserd.sys [2014-01-22 206080]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-10-01 312448]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-09-09 197128]
R2 CxAudMsg;@C:\Windows\system32\CxAudMsg64.exe,-100; C:\Windows\system32\CxAudMsg64.exe [2015-02-05 225496]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 dts_apo_service;DTS APO Service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [2013-09-10 19792]
R2 FoxitReaderService;Foxit Reader Service; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [2016-11-15 1659592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-12 733696]
R2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-09-20 324224]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\Toshiba\Teco\TecoService.exe [2013-08-10 328544]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-09-03 131544]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-03 169432]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-03 390616]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-09-23 279024]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-22 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-12 822232]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-08-24 146888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-09 150600]
S3 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2016-08-05 183112]
S3 TemproMonitoringService;TEMPRO Service; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2013-07-19 116088]
S3 TMachInfo;TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2013-07-31 53864]
S3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2013-09-04 466504]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118254
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow notebook

#6 Post by Rudy »

Deleted. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Polska Pasha
Model visitor
Posts: 113
Registered: 29 Jun 2014 09:06

Re: Slow notebook

#7 Post by Polska Pasha »

It seems to me that it is the same as before.

Rudy
Site Admin
Posts: 118254
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow notebook

#8 Post by Rudy »

Run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.

Polska Pasha
Model visitor
Posts: 113
Registered: 29 Jun 2014 09:06

Re: Slow notebook

#9 Post by Polska Pasha »

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 27. 11. 2016
Čas skenování: 8:02
Protokol: MBAM log 27.11.txt
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.11.27.01
Databáze rootkitů: v2016.11.20.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Roman

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 573705
Uplynulý čas: 1 hod, 53 min, 52 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Rudy
Site Admin
Posts: 118254
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow notebook

#10 Post by Rudy »

Your PC is clean, the log is OK. Try defragmenting the disk.

Polska Pasha
Model visitor
Posts: 113
Registered: 29 Jun 2014 09:06

Re: Slow notebook

#11 Post by Polska Pasha »

I have already done that.

Rudy
Site Admin
Posts: 118254
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow notebook

#12 Post by Rudy »

OK, let's check the disk itself. Download, install and run CrystalDiskInfo: http://www.stahuj.centrum.cz/utility_a_ ... ldiskinfo/ and post the log here via Edit > Copy.

Polska Pasha
Model visitor
Posts: 113
Registered: 29 Jun 2014 09:06

Re: Slow notebook

#13 Post by Polska Pasha »

----------------------------------------------------------------------------
CrystalDiskInfo 7.0.4 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 8.1 [6.3 Build 9600] (x64)
Date : 2016/11/27 21:02:35

-- Controller Map ----------------------------------------------------------
+ Intel(R) 7 Series Chipset Family SATA AHCI Controller [ATA]
- TOSHIBA MQ01ABD075
- TSSTcorp CDDVDW SU-208FB
- Řadič prostorů úložišť [SCSI]

-- Disk List ---------------------------------------------------------------
(1) TOSHIBA MQ01ABD075 : 750,1 GB [0/0/0, pd1]

----------------------------------------------------------------------------
(1) TOSHIBA MQ01ABD075
----------------------------------------------------------------------------
Model : TOSHIBA MQ01ABD075
Firmware : AX0A4M
Serial Number : 34ABSYX3S
Disk Size : 750,1 GB (8,4/137,4/750,1/750,1)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 1465149168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300 | SATA/300
Power On Hours : 3622 hod.
Power On Count : 1526 krát
Temperature : 34 C (93 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : ----
Drive Letter : C:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _50 000000000000 Počet chyb čtení
02 100 100 _50 000000000000 Průchodnost disku
03 100 100 __1 0000000006DE Čas na roztočení ploten
04 100 100 __0 0000000006B2 Počet spuštění/zastavení
05 100 100 _50 000000000000 Počet přemapovaných sektorů
07 100 100 _50 000000000000 Počet chybných hledání
08 100 100 _50 000000000000 Čas potřebný na vyhledání
09 _91 _91 __0 000000000E26 Hodin v činnosti
0A 134 100 _30 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 __0 0000000005F6 Počet cyklů zapnutí zařízení
BF 100 100 __0 000000000E92 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000000009 Počet vypnutí disku
C1 _88 _88 __0 00000001E5DD Počet cyklů načítání/vymazání
C2 100 100 __0 003200120022 Teplota
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
DC 100 100 __0 000000000000 Posunutí disku vůči ose
DE _92 _92 __0 000000000CD2 Počet hodin zalažení budoucího mechanismu magnetických hlav
DF 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony
E0 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené napětím mechanických částí
E2 100 100 __0 0000000000B8 Celkový čas zatížení budiče magnetických hlav
F0 100 100 __1 000000000000 Čas nastavování hlaviček - v hodinách

-- IDENTIFY_DEVICE ---------------------------------------------------------

-- SMART_READ_DATA ---------------------------------------------------------

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 32 00 00 00 00 00 00 00 00 00 00 02 32
010: 00 00 00 00 00 00 00 00 00 00 03 01 00 00 00 00
020: 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00
030: 00 00 05 32 00 00 00 00 00 00 00 00 00 00 07 32
040: 00 00 00 00 00 00 00 00 00 00 08 32 00 00 00 00
050: 00 00 00 00 00 00 09 00 00 00 00 00 00 00 00 00
060: 00 00 0A 1E 00 00 00 00 00 00 00 00 00 00 0C 00
070: 00 00 00 00 00 00 00 00 00 00 BF 00 00 00 00 00
080: 00 00 00 00 00 00 C0 00 00 00 00 00 00 00 00 00
090: 00 00 C1 00 00 00 00 00 00 00 00 00 00 00 C2 00
0A0: 00 00 00 00 00 00 00 00 00 00 C4 00 00 00 00 00
0B0: 00 00 00 00 00 00 C5 00 00 00 00 00 00 00 00 00
0C0: 00 00 C6 00 00 00 00 00 00 00 00 00 00 00 C7 00
0D0: 00 00 00 00 00 00 00 00 00 00 DC 00 00 00 00 00
0E0: 00 00 00 00 00 00 DE 00 00 00 00 00 00 00 00 00
0F0: 00 00 DF 00 00 00 00 00 00 00 00 00 00 00 E0 00
100: 00 00 00 00 00 00 00 00 00 00 E2 00 00 00 00 00
110: 00 00 00 00 00 00 F0 01 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 36

Rudy
Site Admin
Posts: 118254
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow notebook

#14 Post by Rudy »

The disk is fine. What did you install just before the problem appeared?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Polska Pasha
Model visitor
Posts: 113
Registered: 29 Jun 2014 09:06

Re: Slow notebook

#15 Post by Polska Pasha »

Office 2010, 2007. A few games, but I am more interested in the Toshiba applications that are installed there; they seem unnecessary to me, but I don't know whether I should uninstall them. If you like, I could send you a screenshot of those applications.

Locked